CakePHP 3：在URL中传递数组时出错

Question

我正在尝试将datetime个变量传递到我的exportcsv方法中，以生成包含指定时间段数据的.csv文件。

两个变量都是关联数组，如下所示：

[
 'beginning' => [
    'year' => '2016',
    'month' => '06',
    'day' => '23',
    'hour' => '11',
    'minute' => '15'
  ],
  'end' => [
    'year' => '2016',
    'month' => '06',
    'day' => '29',
    'hour' => '11',
    'minute' => '15'
   ]
]

当我尝试传递变量时，我收到此消息的错误（是的，我得到了相同的两个警告）：

Warning (2): rawurlencode() expects parameter 1 to be string, array given [CORE\src\Routing\Route\Route.php, line 574]

Warning (2): rawurlencode() expects parameter 1 to be string, array given [CORE\src\Routing\Route\Route.php, line 574]

rawurlencode()是一个基本的PHP函数，这是line 574：

$pass = implode('/', array_map('rawurlencode', $pass));

看起来网址重写有些问题，但坦率地说，我不知道如何修复它。有什么想法吗？

exportcsv 中的

EventsController方法

public function exportcsv($beginning = null, $end = null)
{
 if ($this->request->is('post')) {
  $beginning = $this->request->data['Export']['beginning']; 
  $end = $this->request->data['Export']['end'];              

  return $this->redirect([$beginning, $end]);
 }

 if (!$beginning && !$end) {
  return $this->render();
 }

 $this->response->download('export.csv');
$data = $this->Events->find('all')
                          ->select([
                            'title',
                            'created',
                            'description',
                            'ended',
                            'working_hours',
                            'price',
                            'username' => 'Users.name',
                            'statusname' => 'Statuses.name',
                            'employeename' => 'Employees.name'
                          ])
                          ->leftJoinWith('Statuses')
                          ->leftJoinWith('Users')
                          ->leftJoinWith('Employees')
                          ->where(["created BETWEEN " . $beginning . " AND " . $end])
                          ->autoFields(true)
                          ->toArray();
$_serialize = 'data';
$_delimiter = chr(9); //tab
$_extract = ['title', 'created', 'description', 'ended', 'working_hours', 'price', 'username', 'statusname', 'employeename'];
$this->set(compact('data', '_serialize','_delimiter', '_extract'));
$this->viewBuilder()->className('CsvView.Csv');
return;
}

exportcsv.ctp查看：

<div class="events form large-6 medium-4 columns content">
  <?= $this->Form->create('Export'); ?>
  <?= $this->Form->input('beginning', array('type'=>'datetime', 'interval' => 15, 'label' => 'Beginning:')); ?>
  <?= $this->Form->input('end', array('type'=>'datetime',  'interval' => 15, 'label' => 'End:')); ?>
  <?= $this->Form->button(__('Add')) ?>
  <?= $this->Form->end() ?>
</div>

Answer 1

您无法在URL数组中传递数组，路由器不支持该数组。此外，您还需要另外传递相反，将您的单个值转换为正确的日期时间字符串，您可以通过DateTimeType类轻松地执行此操作，例如

if ($this->request->is('post')) {
    $beginning = $this->request->data('Export.beginning');
    $end = $this->request->data('Export.end');

    $type = \Cake\Database\Type::build('datetime');
    $beginning = $type->marshal($beginning)->format('Y-m-d H:i:s');
    $end = $type->marshal($end)->format('Y-m-d H:i:s');

    return $this->redirect([
        $beginning,
        $end
    ]);
}

此外，正如评论中已经提到的，您需要修复where()调用，因为它目前有SQL注入漏洞。 key => value项的键以及仅限值的项不会被绑定，而是直接插入查询中！

Cakes表达式构建器附带了安全生成BETWEEN表达式的方法：

->where(function(\Cake\Database\Expression\QueryExpression $exp) use ($beginning, $end) {
    return $exp->between('Events.created', $beginning, $end);
});

另见

• <强> API > \Cake\Database\DateTimeType::marshal()

• <强> Cookbook > Database Access & ORM > Query Builder > Advanced Conditions

• <强> CakePHP 3.0 -> Between find condition

Answer 2

您的重定向错误

return $this->redirect([
    'controller' => 'yourController', 
    'action' => 'yourAction', 
    $yourData]
);

有关此主题的更多信息，请参阅Cookbook